TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f91b2e5a97ca0f60f8a172ad058b48e4703da804^! / . / library / ssl_tls.c
commitf91b2e5a97ca0f60f8a172ad058b48e4703da804[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Mon Dec 13 12:36:15 2021 +0100
committerGilles Peskine <Gilles.Peskine@arm.com>Mon Dec 13 13:55:17 2021 +0100
treee33ddcaee10965a766adb375611f1d3cd37b3e6f
parent69d3b86baaac0ac9c70189e0c593110c28a01115 [diff] [blame]
mbedtls_ssl_parse_finished: zeroize expected finished value on error

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 537adc2..ae1a106 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -3636,7 +3636,7 @@
     if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
     {
         MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        return( ret );
+        goto exit;
     }
 
     if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
@@ -3644,7 +3644,8 @@
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
         mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
                                         MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+        ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+        goto exit;
     }
 
     /* There is currently no ciphersuite using another length with TLS 1.2 */
@@ -3661,7 +3662,8 @@
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
         mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
                                         MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED );
+        ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED;
+        goto exit;
     }
 
     if( mbedtls_ct_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ),
@@ -3670,7 +3672,8 @@
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
         mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
                                         MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED );
+        ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED;
+        goto exit;
     }
 
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
@@ -3699,7 +3702,9 @@
 
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) );
 
-    return( 0 );
+exit:
+    mbedtls_platform_zeroize( buf, hash_len );
+    return( ret );
 }
 
 static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )